Data privacy is of critical concern to individuals, companies, and government agencies. Individuals are generating and sharing various types of sensitive data, including personal data (e.g., social, financial, behavioral, etc.) and data they have received from others. Companies are receiving and storing such data from users (e.g., through social media applications, business applications, home automation products, etc.), as well as their own sensitive data (e.g., corporate planning, finances, human resources, competitive intelligence, etc.). Government agencies are collecting data from citizens and non-citizens, collecting environmental and intelligence data, sharing data among agencies, and exchanging data with private enterprises. These various types of data are continuously expanding in variety and volume, and are being stored in numerous different storage platforms (e.g., personal computers, mobile devices, corporate servers and databases, private and public cloud storage, etc.). In many cases, the data is further replicated or mirrored for storage on backup equipment.
Unfortunately, data in such environments is often stored in an insecure manner. In some circumstances, data is stored unencrypted on hard drives or in databases. Even where attempts are made at data security, such as data encryption, the data is often stored on a single server (or a limited group of servers) and encrypted under a single master key, and consequently the data, and access to it, may be vulnerable to various attack techniques. For example, if an attacker performs a denial-of-service attack on a storage server, or on a credentials server controlling access to the data, the data will not be accessible. The attacker can also steal the master key (e.g., through a privilege-escalation attack, phishing, a malicious insider, etc.) and decrypt all of the stored data. In addition, the server is vulnerable to physical attack or accidental damage, such as when the hard drive is stolen, broken, or damaged.
Users, generators, and hosts of sensitive data are concerned about the security of their data. High-profile data losses, attacks, and ransom attempts heighten these concerns. Even large, well-known enterprises (e.g., leading social network providers, software companies, gaming companies, e-commerce sites, etc.) cannot guarantee the safe storage and handling of users' data. Moreover, even if such enterprises could ensure the safe storage of users' data, users still have concerns that the enterprises will use the data in ways that the users do not authorize. For example, users are concerned that companies may use their data to create unauthorized behavioral profiles, and may even share the data with other companies or government agencies. Given the inherent ease of copying and sharing data, and the inherent difficulty users face in controlling their data once it has been disseminated, the need for secure handling and storage of data is fundamental in nature and complex to achieve.
Accordingly, in view of these and other deficiencies in existing techniques, technological solutions are needed for securely generating, storing, and sharing sensitive data. Solutions should advantageously allow users to uniquely control who else can access their data, while preventing access by others. Indeed, even if user data is replicated or shared without the user's knowledge, or stored in an insecure manner, the security of the data should still be maintained. Further, users should be able to access their own data, and other data shared with them, in an authorized manner upon demand and without undue complications or difficulties. Further, solutions should be highly scalable, such that there are no significant increases in computational power, bandwidth, or storage space required to implement them.
In addition, such technological solutions should be credential-less and secret-less in their implementation. Secrets (e.g., tokens, passwords, keys, etc.) should not be stored and made vulnerable anywhere in a system. Users should not be required to present such secrets in order to obtain access to their data. At the same time, only the user who owns certain data should be able to access it. For example, a unique biometric trait or other unique information type accessible only to the actual physical user may be used to enable the user to access (e.g., decrypt) their data. Through such a technique, an enterprise storing the data would not be able to access (e.g., decrypt) the data. Nor would a malicious user who managed to steal the data be able to access (e.g., decrypt) the data.
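The following Python example is added here to make concrete the contrast drawn in the preceding passages: the "single master key held by the server" model, where stealing the key or the server exposes everything, versus the credential-less design described above, where the only party able to decrypt is the one who can supply the user-unique input, and the storing enterprise (or a thief of its backups) holds nothing decryptable. It is not code from the original text. Assumptions: the user-unique trait already arrives as a stable byte string (converting a raw biometric sample into stable bytes, e.g. with a fuzzy extractor, is outside this example, so a constructed byte string stands in for it); the HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC tag is used only to stay within the standard library, and a deployment would use a real AEAD such as AES-GCM or ChaCha20-Poly1305 in its place.

```python
"""Client-side sealing of a record so the storing party never holds a key.

Added illustration, not part of the original text. The user-unique input is
assumed to already be a stable byte string; the HMAC-based stream cipher and
tag stand in for a real AEAD.
"""
import hashlib
import hmac
import os
from typing import Dict, Tuple

KDF_ITERATIONS = 200_000  # PBKDF2 work factor chosen for this example


def derive_keys(user_input: bytes, salt: bytes) -> Tuple[bytes, bytes]:
    """Stretch the user-unique input into an encryption key and a MAC key.

    Only the salt is ever stored; the derived keys exist transiently on the
    user's side and are never written anywhere.
    """
    material = hashlib.pbkdf2_hmac("sha256", user_input, salt, KDF_ITERATIONS, dklen=64)
    return material[:32], material[32:]


def _keystream_xor(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 keystream in counter mode (nonce || counter)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        block = hmac.new(enc_key, nonce + counter, "sha256").digest()
        chunk = data[offset:offset + 32]
        out.extend(a ^ b for a, b in zip(chunk, block))
    return bytes(out)


def seal(plaintext: bytes, user_input: bytes) -> Dict[str, bytes]:
    """Encrypt on the user's side and return only what a server needs to store.

    The record carries no key and no secret: a fresh salt and nonce, the
    ciphertext, and an integrity tag over all three.
    """
    salt = os.urandom(16)
    nonce = os.urandom(16)
    enc_key, mac_key = derive_keys(user_input, salt)
    ciphertext = _keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, salt + nonce + ciphertext, "sha256").digest()
    return {"salt": salt, "nonce": nonce, "ciphertext": ciphertext, "tag": tag}


def open_record(record: Dict[str, bytes], user_input: bytes) -> bytes:
    """Re-derive the keys from the user-unique input and decrypt.

    Whoever holds only the record (the storage provider, someone who copied a
    backup) cannot get past this step without the user's input. A wrong input
    or a modified record fails the constant-time tag check before any
    plaintext is produced.
    """
    enc_key, mac_key = derive_keys(user_input, record["salt"])
    expected = hmac.new(
        mac_key, record["salt"] + record["nonce"] + record["ciphertext"], "sha256"
    ).digest()
    if not hmac.compare_digest(expected, record["tag"]):
        raise ValueError("authentication failed: wrong user input or tampered record")
    return _keystream_xor(enc_key, record["nonce"], record["ciphertext"])


if __name__ == "__main__":
    # Constructed sample: a stand-in for stable bytes derived from a user-unique trait.
    user_bytes = b"stable-user-unique-input-bytes"
    rec = seal(b"corporate planning: Q3 figures", user_bytes)
    print({name: value.hex() for name, value in rec.items()})  # the server's entire view
    print(open_record(rec, user_bytes))
```

The point to take from the record structure is what is absent from it: no key, no password hash, no token. The server can store, replicate, or lose the record without changing who can read it, which is the property the passage asks for when it says security should hold even if the data is copied or stored insecurely. The per-record salt also means a single compromised record reveals nothing about the keys protecting any other record, in contrast to the single-master-key arrangement criticized earlier.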